File system with per-file selectable integrity

ABSTRACT

A file system uses data integrity techniques that are a selectable attribute of a file system object. Some file system objects have integrity on for various accesses, while other file system objects do not. Different default settings can be provided for different file system objects. Such a setting for a file system object can be changed to and from having integrity on. Given a file system object with an attribute, the file system provides file system operations for which the data integrity operation used on the file system object depends on this attribute. Such operations include, but are not limited to, operations for changing the attribute, creating file system objects with such attributes, providing and changing default settings for such attributes, and writing data to and reading data from files, which use different data integrity techniques based on this attribute.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No. 13/742,339, filed Jan. 15, 2013, to be issued as U.S. Pat. No. 9,183,246 on Nov. 10, 2015, which is hereby incorporated by reference.

BACKGROUND

A file system in a computer generally is part of the operating system that manages access to one or more storage devices. The file system provides an interface through which other applications can create files, write data to files and read data from files stored on the storage devices. The file system provides an abstraction layer between the details of managing the storage devices, such as the actual storage locations within each device where data is stored, and applications. This abstraction layer allows applications to identify files and access to files using references to files and locations within to files, without the need for the application to have information about the actual storage locations on the storage devices or other details about the storage devices. Typically, the references to files are defined as combinations of various file system objects, such as a name of a storage device or collection of storage devices, names of directories and paths of directories, names of file streams and files, or other types of file system objects. Each file system object generally is a named construct that represents data stored within the file system.

Within the file system, when data for a file is stored, it generally is broken into small chunks (often called blocks) which are stored on the storage device. The file system generally tracks, for each file, the storage locations within the storage device where each block of a file is stored, and the ordering of those blocks.

Some file systems, when writing data in a file, modify the data within the allocated blocks for the file. This is called “in-place” writing. Other file systems, when writing data in a file, are configured to provide a level of data integrity. For example, the file system may compute and store checksums of the stored data. As another example, “copy-on-write” can be used, which involves writing data to a free block of storage in a storage device, then change the file-to-block mapping to refer to the newly written block, with the overwritten data block being discarded. Both checksums and copy-on-write can be used, as well as other techniques for providing data integrity. While providing increased data integrity, techniques such as computing checksums and performing copy-on-write can reduce performance.

SUMMARY

This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.

A file system is provided in which writing with data integrity is a selectable attribute of a file system object, such that some file system objects have integrity on for various accesses, while other file system objects do not. Different default settings can be provided for different file system objects. For example, different default setting can be provided for different files in different directories, and for different file streams within a file. Such a setting for a file system object can be changed to and from having integrity on.

Given a file system object with an attribute, the file system can provide to users and other applications various file system operations for which the data integrity operation used on the file system object depends on this attribute. Such operations include, but are not limited to, operations for changing the attribute, creating file system objects with such attributes, providing and changing default settings for such attributes, and writing data to and reading data from files, which use different data integrity techniques based on this attribute. For example, different file system objects can use different kinds of data and file integrity, such as copy-on-write, checksums and other operations, based on this attribute.

In the following description, reference is made to the accompanying drawings which form a part hereof, and in which are shown, by way of illustration, specific example implementations of this technique. It is understood that other embodiments may be utilized and structural changes may be made without departing from the scope of the disclosure.

DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of an example computing device in which a files system can be implemented.

FIG. 2 is a diagram of an example class hierarchy of file system objects.

FIG. 3 is a flow chart describing an example implementation of creating a file system object.

FIG. 4 is a flow chart describing an example implementation of writing data to a file system object.

FIG. 5 is a flow chart describing an example implementation of reading data from a file system object.

FIG. 6 is a flow chart describing an example implementation of disabling integrity for a file system object.

FIG. 7 is a flow chart describing an example implementation of enabling integrity for a file system object.

DETAILED DESCRIPTION

The following section provides an example computing environment in which a file system can be implemented.

The following description is intended to provide a brief, general description of a suitable computing environment in which a file system can be implemented. The system can be implemented with numerous general purpose or special purpose computing hardware configurations. Examples of well known computing devices that may be suitable include, but are not limited to, personal computers, server computers, hand-held or laptop devices (for example, media players, notebook computers, tablet and slate computers, cellular phones, personal data assistants, voice recorders), multiprocessor systems, microprocessor-based systems, set top boxes, game consoles, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.

FIG. 1 illustrates an example of a suitable computing system environment. The computing system environment is only one example of a suitable computing environment and is not intended to suggest any limitation as to the scope of use or functionality of such a computing environment. Neither should the computing environment be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the example operating environment.

With reference to FIG. 1, an example computing environment includes a computing machine, such as computing machine 100. In its most basic configuration, computing machine 100 typically includes at least one processing unit 102 and memory 104. The computing device may include multiple processing units and/or additional co-processing units such as graphics processing unit 120. Depending on the exact configuration and type of computing device, memory 104 may be volatile (such as RAM), non-volatile (such as ROM, flash memory, etc.) or some combination of the two. This most basic configuration is illustrated in FIG. 1 by dashed line 106. Additionally, computing machine 100 may also have additional features/functionality. For example, computing machine 100 may also include additional storage (removable and/or non-removable) including, but not limited to, magnetic or optical disks or tape. Such additional storage is illustrated in FIG. 1 by removable storage 108 and non-removable storage 110. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer program instructions, data structures, program modules or other data. Memory 104, removable storage 108 and non-removable storage 110 are all examples of computer storage media. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can accessed by computing machine 100. Any such computer storage media may be part of computing machine 100.

Computing machine 100 may also contain communications connection(s) 112 that allow the device to communicate with other devices. Communications connection(s) 112 is an example of communication media. Communication media typically carries computer program instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. The term “modulated data signal” means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal, thereby changing the configuration or state of the receiving device of the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media.

Computing machine 100 may have various input device(s) 114 such as a keyboard, mouse, pen, camera, touch input device, and so on. Output device(s) 116 such as a display, speakers, a printer, and so on may also be included. All of these devices are well known in the art and need not be discussed at length here. The input and output devices can provide a natural user interface, which is any interface technology that enables a user to interact with a device in a “natural” manner, free from artificial constraints imposed by input devices such as mice, keyboards, remote controls, and the like. Examples of NUI methods include those relying on speech recognition, touch and stylus recognition, gesture recognition both on screen and adjacent to the screen, air gestures, head and eye tracking, voice and speech, vision, touch, gestures, and machine intelligence. Specific categories of NUI technologies on which Microsoft is working include touch sensitive displays, voice and speech recognition, intention and goal understanding, motion gesture detection, such as by using cameras and/or accelerometers/gyroscopes, facial recognition, 3D displays, head, eye, and gaze tracking, immersive augmented reality and virtual reality systems, all of which provide a more natural interface, as well as technologies for sensing brain activity using electric field sensing electrodes.

A file system generally is implemented as part of an operating system of the computer, which manages access to various system resources by other computer programs. Typically, the file system and operating system are implemented using a computer program running on the computer, including computer-executable instructions and/or computer-interpreted instructions, such as program modules, being processed by the computing machine. Generally, program modules include routines, programs, objects, components, data structures, and so on, that, when processed by a processing unit, instruct the processing unit to perform particular tasks or implement particular abstract data types. This system may be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

Alternatively, or in addition, some of the functionality of the file system described herein can be performed, at least in part, by one or more hardware logic components. For example, and without limitation, illustrative types of hardware logic components that can be used include Field-programmable Gate Arrays (FPGAs), Program-specific Integrated Circuits (ASICs), Program-specific Standard Products (ASSPs), System-on-a-chip systems (SOCs), Complex Programmable Logic Devices (CPLDs), etc.

Given a computing machine such as described in FIG. 1, a file system can be implemented in which having integrity on is a selectable attribute of a file, such that some files on the storage device have integrity on, while other files do not. Different default settings can be provided for different file system objects. Such a setting for a file system object can be changed to and from having integrity on. An example implementation of such a file system will now be described.

Referring to FIG. 2 as an example implementation, the file system generally defines a set of different kinds of file system objects 200, such as a directory 202, a file 204 and file streams 206. A file 204 can include a collection of file streams 206 as indicated at 208. For example, a file can include a metadata file stream and a data file stream, each with a different integrity attribute. A root directory 210 is a special kind of directory 202, providing the top level directory of a storage system being managed. The storage system governed by the root directory can include a plurality of storage devices, but for the sake of simplicity the description herein will refer to singular storage device.

Each file system object has one or more attributes, such as a name and other attributes that depend on the implementation of the file system. The attributes of a first file system object can include default settings for other file system objects which are created and dependent on the first file system object. For example, attributes of a directory can define default settings for files and file streams created within that directory. Attributes of a file, can define default setting for file streams included within that file.

A file, file stream or other similar object can also include an extent table that lists, for each portion of the file or file stream (such as a block) various information about that block, such as its location in storage, or other data. Such other data can include a checksum or other information used to provide storage integrity.

While the foregoing describes a file system that has file system objects within an object class hierarchy, other implementations of file systems using other types of data structures to represent file system structures also can be used, and the invention is not limited to the object types described above, or to an object-oriented implementation. The term “file system object” is intended to mean any implementation of a file system structure, such as a root directory, file or the like, depending on the file system, and is not limited to object-oriented implementations.

In general, a file system allows applications and user to create, within a root directory for a storage device or set of storage devices, multiple directories and other file objects within those directories, which creates a directory tree. The name of a storage volume, and the list of names of directories containing a file system object, is called a path. A computer program accesses a file system object through the file system by providing to the file system the path that contains the desired file system object and the name of the file system object.

A file system makes available to other computer programs a variety of operations, typically through a programming interface such as function calls and the like, which operations allow storage to be accessed. A file system may include operations that initialize a storage device (also called a “volume” herein) for use, and operations that create, read, write or update, or delete file objects. A computer program performs operations on a file system object by specifying the operation and the path and name for the file system object on which the operation is to be performed.

To implement a file system which can provide data integrity as a selectable attribute of a file, in one example, a file system object is defined to have an attribute indicating the kind of behavior to be provided for the object. This attribute can be a binary value indicating that integrity is either enabled or disabled. This attribute also can be implemented using a range of values of which one or more values are indicative of integrity being enabled or disabled. The attribute can be either expressly specified or inferred from one or more other attributes. As shown in FIG. 2, this attribute can be present for each type of file system object. Each instance of each type of file system object can have a different setting for this attribute.

There are a variety of other ways to track whether a file system object has integrity on. For example, a table can be maintained in memory or storage indicating, for each file system object, whether that object has integrity on. A list of objects having integrity on can be maintained, with presence of an object in that list being indicative of it having integrity on. A characteristic of the file name, such as a file name extension indicating the type of the file, can be used to indicate that integrity is on. The type of the file system object also can be used to indicate that integrity is on. As another example, data within a file can be used to indicate this attribute as well.

Given a file system object that has an attribute indicative that integrity is on for that object, various file system operations are implemented so as to first check this attribute and then perform the operation in a manner depending on the value of that attribute. The following examples of operations will now be described: initializing a volume, creating a file system object (e.g., directory or file), writing a file, reading a file, changing the attribute for a file. This set of operations is not intended to be exhaustive, but merely illustrative of the kinds of operations that can be implemented differently depending on the attribute of a file system object.

Initializing a volume will now be described. When a volume is first mounted and its directory structure is initialized, the root directory object is created. The attribute for the root directory can be set to a default value indicating whether further file system objects created under the root directory will have integrity on.

Creating a file system object will now be described. When a file system object is created, whether a directory, file or file stream, the attribute for the directory or other file system object that will contain the object is retrieved 300. The new file system object is created 302, and its attribute is set 304 to the retrieved attribute of the containing directory.

Writing data to a file or similar object will now be described in connection with FIG. 4. When data is to be written to a file, the attribute for the file is retrieved 400. If the attribute indicates that integrity is on, as determined at 402, then the data is written using one or more data integrity techniques. For example, copy-on-write functionality is applied 404 to write the data. Generally, in addition, checksums for the blocks of the file to which data is written are computed and stored. If integrity is not on, then a conventional write operation is performed 408.

Reading data from a file or similar object will now be described in connection with FIG. 5. When data is read from a file, the attribute for the file is retrieved 500. If the attribute indicates that integrity is on, as determined at 502, then the data is read 504, and any data integrity techniques are used. For example, if the data was written using checksums, a checksum is computed 506 and used to detect and allow for attempts at correction of the read data. If the attribute does not indicate that integrity is on, then a conventional data read is performed 508.

A file system command can be provided to enable a user or an application to change the attribute of a file, whether enabling or disabling integrity. In one implementation, a file that has integrity on uses a checksum for each block. These checksums can be stored in the same extent table for the file system object that stores the storage location for the object, for example. In this implementation, when integrity is disabled, the checksums are not needed. So, in this implementation, when enabling integrity, the checksums are computed and stored and the attribute is changed after the checksums are stored. When disabling integrity in this implementation, the attribute is changed, then the checksums can be discarded by deleting them (thus making storage available) or otherwise marked as invalid. Use of such checksums can be independent of copy-on-write techniques.

Changing a file system object to disable integrity will now be described in connection with FIG. 6. The file system receives 600 a command to change the attribute of a selected file system object. The file system then changes 602 the attribute of the file system object. After the change to the attribute completes without error, any additional data stored, such as checksums, for supporting integrity techniques for this file system object can be deleted or marked invalid 604. In another implementation, such checksums can be removed first and then the attribute can be changed. In such an implementation, any missing or invalid checksums for a file can be processed by treating the file, or just the corresponding block, as not having integrity on.

Changing a file system object to enable integrity techniques will now be described in connection with FIG. 7. The file system receives 700 a command to change the attribute of a selected file system object. The file system then computes 702 and stores any additional data to be stored for the file system object, such as checksums, which support the integrity techniques being used. This data can be stored, for example, in an extent table for the file system object. After the data is successfully stored, the attribute for the object then can be changed 704. In another implementation, the attribute can be changed, followed by computing the checksums. In such an implementation, any missing or invalid check sums for a file can be processed by treating the file, or just the corresponding block, as not having integrity on.

Having now described an example implementation, it should be apparent that other implementations are possible. Other types or attributes on file system objects can similarly be used to provide for different file system operations, such as providing different levels of data and file integrity, on different files based on the type or attribute of the file. It is also possible to provide such attributes for each extent within a file, to allow selectable integrity for each extent in a file.

Any or all of the aforementioned alternate embodiments described herein may be used in any combination desired to form additional hybrid embodiments. It should be understood that the subject matter defined in the appended claims is not necessarily limited to the specific implementations described above. The specific implementations described above are disclosed as examples only. 

What is claimed is:
 1. A computer with a file system for managing storage of and access to a plurality of file system objects on a storage device, comprising: a storage medium storing data indicating whether integrity is applied to each of the file system objects, such that some of the file system objects can have integrity applied while other file system objects do not have integrity applied; a memory and a processor, with computer program code stored in the memory that, when executed by the processor, configures the processor to respond to requests from applications to access file system objects on the storage medium, wherein access to one of the file system objects uses integrity if the data indicates that integrity is applied to that file system object, and access to that file system object does not use integrity if the data indicates that integrity is not applied to that file system object.
 2. The computer of claim 1, wherein the data indicating whether integrity is applied comprises, for each file system object, an attribute indicating whether integrity is applied.
 3. The computer of claim 1, wherein the requests include requests to create a file system object, and wherein, upon receipt of a request to create a file system object, the computer creates the file system object with data indicating whether integrity is applied according to a default value for the data.
 4. The computer of claim 1, wherein the requests include requests to write data to a file system object, and wherein, upon receipt of a request to write data to a file system object, the computer writes data to the file system object according to the data indicating whether integrity is applied.
 5. The computer of claim 1, wherein the requests include requests to read data from a file system object, and wherein, upon receipt of a request to read data from a file system object, the computer reads data from the file system object according to the data indicating whether integrity is applied.
 6. The computer of claim 1, wherein the requests include requests to change whether integrity is applied to a file system object, and wherein, upon receipt of a request to change whether integrity is applied to a file system object, the computer changes the data indicating whether integrity is applied to the file system object.
 7. The computer of claim 6, wherein the requests include requests to disable applying integrity to a file system object.
 8. The computer of claim 6, wherein the requests include requests to enable applying integrity to a file system object.
 9. A computer-implemented process, comprising: receiving a request to access a file system object; determining whether the file system object has integrity applied to it; if the file system object has integrity applied, then using integrity based access to the file system object; and if the file system object does not have integrity applied, then using another form of access for the file system object.
 10. The computer-implemented process of claim 9, wherein the data indicating whether integrity is applied comprises, for each file system object, an attribute indicating whether integrity is applied.
 11. The computer-implemented process of claim 9, wherein the requests include requests to create a file system object, and wherein, upon receipt of a request to create a file system object, the computer creates the file system object with data indicating whether integrity is applied according to a default value for the data.
 12. The computer-implemented process of claim 9, wherein the requests include requests to write data to a file system object, and wherein, upon receipt of a request to write data to a file system object, the computer writes data to the file system object according to the data indicating whether integrity is applied.
 13. The computer-implemented process of claim 9, wherein the requests include requests to read data from a file system object, and wherein, upon receipt of a request to read data from a file system object, the computer reads data from the file system object according to the data indicating whether integrity is applied.
 14. The computer-implemented process of claim 9, wherein the requests include requests to change whether integrity is applied to a file system object, and wherein, upon receipt of a request to change whether integrity is applied to a file system object, the computer changes the data indicating whether integrity is applied to the file system object.
 15. The computer-implemented process of claim 14, wherein the requests include requests to disable applying integrity to a file system object.
 16. The computer-implemented process of claim 14, wherein the requests include requests to enable applying integrity to a file system object.
 17. An article of manufacture, comprising: a storage medium, with computer program code stored in the memory that, when executed by the processor, configures the processor to: store data indicating whether integrity is applied to each of the file system objects, such that some of the file system objects can have integrity applied while other file system objects do not have integrity applied; and respond to requests from applications to access file system objects on the storage medium, wherein access to one of the file system objects uses integrity if the data indicates that integrity is applied to that file system object, and access to that file system object does not use integrity if the data indicates that integrity is not applied to that file system object.
 18. The article of manufacture of claim 17, wherein the data indicating whether integrity is applied comprises, for each file system object, an attribute indicating whether integrity is applied.
 19. The article of manufacture of claim 17, wherein the requests include requests to create a file system object, and wherein, upon receipt of a request to create a file system object, the computer creates the file system object with data indicating whether integrity is applied according to a default value for the data.
 20. The article of manufacture of claim 17, wherein the requests include requests to write data to a file system object, and wherein, upon receipt of a request to write data to a file system object, the computer writes data to the file system object according to the data indicating whether integrity is applied. 